Exclude specific auth.urls routes

Exclude specific auth.urls routes

This overrides the urlpatterns for the standard django.contrib.auth.urls and makes it easy to exclude whichever paths you no longer need from your routing. It's a small thing, but it keeps your end-product nice and tidy for the users.

I was recently setting up authentication for a new site written using Django, and as part of this I overrode a couple of the included authentication views so I could add messages and change the redirect on success.

For example, the PasswordResetConfirmView now redirects to login on success.

class ConfigPasswordResetConfirmView(SuccessMessageMixin, PasswordResetConfirmView):


Sidenote: I always name my Django project config, and collect any centralised functionality here.

I did the same thing with PasswordChangeView, which rendered the password_change_done authorisation view redundant. So instead of redirecting to a view that simply displayed a success message, I redirected to somewhere more sensible and used the built in message functionality to display the success message for a more standard look.

This all works nicely, but of course it now means that the authentication view password_reset_complete is now redundant. Again, it's not really a problem, but remember we usually import all auth views in our project, like this:

urlpatterns = [
...
path("auth/", include("django.contrib.auth.urls")),
...
]


This means that the redundant views are still there, and can be accessed directly via their urls, so pages like this are still available:

Not the end of the world perhaps, but not great either, since I assume your site looks completely different from the standard admin view, and having this pop up for a user might be very confusing.

So, I decided to get rid of them, which turned out to be quite simple in the end.

I created a new file: config/urls_auth.py, which I then used for the include in the regular urls.py file, like this:

urlpatterns = [
...
path("auth/", include("config.urls_auth")),
...
]


And set up urls_auth.py like this:

from django.contrib.auth.urls import urlpatterns as original_urlpatterns


This overrides the urlpatterns for the standard django.contrib.auth.urls and makes it easy to exclude whichever paths you no longer need from your routing.